<html>
<head>
    <title>Uploading...</title>
</head>

<body>
    <h1>Uploading file...</h1>
    <?php
        
        require_once('../util.php');
        // check upload error
        if ($_FILES['userfile']['error'] > 0) {
            echo 'Problem: ';
            switch ($_FILES['userfile']['error']) {

                case 1: preEcho('File exceed upload_max_filesize');
                    break;

                case 2: proEcho('File exceed max_file_size');
                    break;

                case 3: proEcho('File only prtially uploaded');
                    break;

                case 4: proEcho('No file uploaded');
                    break;

                case 6: preEcho('Cannot upload file: No temp directory specified');
                    break;

                case 7: preEcho('Upload Failed: can not write to disk');
                    break;
            }

            exit;
        }

        // check does the file have the right MIME type
        $upfile = './uploads/'.$_FILES['userfile']['name'];

        if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
            if (!move_uploaded_file($_FILES['userfile']['tmp_name'], $upfile)) {
                preEcho('Problem: could not move file to destination directory');
                exit;
            }
        } else {
            preEcho('Problem: Possible file upload attack. Filename: ');
            preEcho($_FILES['userfile']['name']);
            exit;
        }

        preEcho('File uploaded successfully!');

        // remove possible html and php tags from the file's contents
        $content = file_get_contents($upfile);
        $content = strip_tags($content);
        file_put_contents($upfile, $content);

        // echo what was uploaded
        echo '<p>Preview: </p>';
        echo nl2br($content);
        echo '<br />';
    ?>
</body>
</html>
